CVE-2025-67840
CVE-2025-67840 corresponds to multiple authenticated OS command injection vulnerabilities in Cohesity TranZman 4.0 Build 14614 (TZM_1757588060_SEP2025_FULL.depot). The web API endpoints (including Scheduler and Actions) concatenate user-controlled parameters into system commands, allowing an auth...